ONTAP System Manager is not reachable after certificate changes
- Views:
- 2,315
- Visibility:
- Public
- Votes:
- 1
- Category:
- ontap-system-manager
- Specialty:
- om
- Last Updated:
- 2/27/2024, 1:12:07 PM
Applies to
- ONTAP System Manager 9.9.1
- Self-signed certificates
Issue
- ONTAP System Manager is not reachable after certificate changes or ONTAP upgrade
- Creating and enabling a self-signed certificate following the correct procedure does not resolve the issue
- Importing a CA-signed certificate following the correct procedure also does not solve the issue
- The
apache-error logsshow the same errors throughout the certificate changes
[Tue Jul 26 17:52:31.351445 2022 +0000] [ssl:error] [pid 8989:tid 34389184256] [client <ip>:53884] [vserver 4294967295] Failed to initialize SSL context
[Tue Jul 26 17:52:35.152161 2022 +0000] [ssl:notice] [pid 8989:tid 34389670400] [client <ip>:51168] [vserver 4294967295] Setting server certificate chain file /mroot/etc/vserver_4294967295/certificates/ssl/server/d12cad7a-48c9-11ea-9839-00a098efa803/chain.pem
[Tue Jul 26 17:52:35.152205 2022 +0000] [ssl:notice] [pid 8989:tid 34389670400] [client <ip>:51168] [vserver 4294967295] Certificate-based client authentication is not configured for this vserver
[Tue Jul 26 17:52:35.153498 2022 +0000] [ssl:emerg] [pid 8989:tid 34389670400] AH01903: Failed to configure CA certificate chain!
[Tue Jul 26 17:52:35.153506 2022] [ssl:emerg] [pid 8989:tid 34389670400] AH02312: Fatal error initialising mod_ssl, exiting.
